.TH CRYPT 3 
.SH NAME
crypt, setkey, encrypt \- DES encryption
.SH SYNOPSIS
.B char *crypt(key, salt)
.br
.B char *key, *salt;
.PP
.B setkey(key)
.br
.B char *key;
.PP
.B encrypt(block, edflag)
.br
.B char *block;
.SH DESCRIPTION
.I Crypt
is the password encryption routine.
It is based on the NBS Data Encryption Standard, with
variations intended (among other things) to frustrate use of hardware
implementations of the DES for key search.
.PP
The first argument to
.I crypt
is a user's typed password.
The second is a 2-character string chosen from the
set [a-zA-Z0-9./].
The
.I salt
string is used to perturb the DES algorithm in one of 4096
different ways, after which the password
is used as the key to encrypt repeatedly a constant string.
The returned value points to the encrypted password,
in the same alphabet as the salt.
The first two characters are the salt itself.
.PP
The other entries provide (rather primitive)
access to the actual DES algorithm.
The argument of
.I setkey
is a character array of length 64 containing only the characters
with numerical value 0 and 1.
If this string is divided into groups of 8,
the low-order bit in each group is ignored,
leading to a 56-bit key which is set into the machine.
.PP
The argument to the
.I encrypt
entry is likewise a character array of length 64
containing 0's and 1's.
The argument array is modified in place
to a similar array
representing the bits of the argument after having been
subjected to the DES algorithm using the key set by
.I setkey.
If
.I edflag
is 0, the argument is encrypted;
if non-zero,
it is decrypted.
.SH "SEE ALSO"
passwd(1), passwd(5), login(1), getpass(3)
.SH BUGS
The return value
points to static data whose content is overwritten
by each call.
